Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Kicking it Old-School with Time-Based Enumeration in Azure
IntroductionYet another user-enumeration method has been identified in Azure. While Microsoft may have disabled Basic Authentication some time ago, we can…
Missing: Data Classification, Part 2 - Looking at System Classification
Recap of Part 1This is the second of a two-part series on Data Classification. The first part spoke to the fact that most security programs grow…
Pull Your SOCs Up
"It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts."-Sir Arthur…
Console Cowboys: Navigating the Modern Terminal Frontier
Master the command line with our top 18 tools, from productivity boosters to system monitors, to streamline your workflow and tackle legacy systems with…
How to Get the Most Out of a Pentest
TL;DRDefine the goal of an assessment.Take time to choose the right assessment type.The more detail you give about an asset, the better quality your report…
Putting Our Hooks Into Windows
We're back with another post about common malware techniques. This time we are talking about setting Windows hooks. This is a simple technique that can be used…
When on Workstation, Do as the Local Browsers Do!
1 IntroductionWeb browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or…
Gobbling Up Forensic Analysis Data Using Velociraptor
Lately I have been working with Velociraptor for its endpoint and digital forensic capabilities and specifically spent time in many cases in the past two years…
The Hunter’s Workshop: Mastering the Essentials of Threat Hunting
As an incident unfolds, skilled threat hunters with a special talent for uncovering hidden threats stand at the ready. These hunters smoke jump into the chaos…
Oops I UDL'd it Again
IntroductionPhishing. We all love phishing. This post is about a new phishing technique based on some legacy knowledge I had that can be used to get past email…
Must I TRA?: PCI Targeted Risk Analysis
Use of Targeted Risk Analysis (TRA) is a PCI best practice until March 31, 2025, at which time it becomes required for several controls across many assessment…
Execution Guardrails: No One Likes Unintentional Exposure
A red teamer's guide to avoiding common mistakes when creating a sophisticated implant, including hostname keying, network keying, and external keying, with a…
Loading...